06543c60906bc61ff0c31d92a700b824_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

06543c60906bc61ff0c31d92a700b824_JaffaCakes118
Size

608KB
MD5

06543c60906bc61ff0c31d92a700b824
SHA1

bac88407e56fc7e5bc9ff21a88891c053f45af52
SHA256

b53bfdaa7afae3fe03b5b3102e59ca2ac79c00dff71488131b351b3ac7d3823a
SHA512

201df189c00832f235490b6f60084cbf8fa000a41a116e600e74514cdda25768229e23e2f76beaff511bb59c7ad920670df5f73ed98f80d93d026f4a5b1bccda
SSDEEP

12288:ku7MD9mscuq0855jz3l9bNizZ4xkjNEVrar:kTatp3l9bNizmxyNqar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06543c60906bc61ff0c31d92a700b824_JaffaCakes118

Files

06543c60906bc61ff0c31d92a700b824_JaffaCakes118
.dll windows:4 windows x86 arch:x86

984195e15a70e98fb757ef64ea4ae5c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
CreateThread
GetModuleHandleA
DisableThreadLibraryCalls
GetModuleFileNameA
GetProcAddress
Sleep
VirtualProtect
CloseHandle
ReadProcessMemory
OpenProcess
GetLocaleInfoW
SetEndOfFile
CreateFileA
GetOEMCP
GetACP
ReadFile
SetStdHandle
UnhandledExceptionFilter
IsBadCodePtr
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
ExitProcess
FatalAppExitA
LCMapStringA
LCMapStringW
DebugBreak
GetStdHandle
WriteFile
OutputDebugStringA
LoadLibraryA
GetCPInfo
CompareStringA
CompareStringW
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
SetFilePointer
FlushFileBuffers
HeapFree
SetUnhandledExceptionFilter
HeapAlloc
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA

user32

GetWindowThreadProcessId
MessageBoxA
GetAsyncKeyState
SetCursorPos
SendMessageA
FindWindowA

shell32

ShellExecuteA

opengl32

glGetIntegerv
glDepthRange
glEnable
glGetFloatv
glColor4f
glDisable
glTexEnvi

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

984195e15a70e98fb757ef64ea4ae5c3

Headers

File Characteristics

Imports

kernel32

user32

shell32

opengl32

Sections

.text Size: 532KB - Virtual size: 531KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 16KB - Virtual size: 34KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 532KB - Virtual size: 531KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 16KB - Virtual size: 34KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 20KB - Virtual size: 17KB